Tag Info

To add onto KIKO's answer, you are on the right track.
Ultimately there is quite a bit you can change and there's a ton I would fix myself. But I'm not going to re-write the whole thing for you. Hopefully these pointers will help you move in the right direction.
First things first lets answer your question:
Your Question
How do you put the message ...

I hate to break it to you, but no this is not very secure. While you are using some techniques to help secure it, there are still a few flaws with how you are managing the input and SQL checks.
mySQL vs. mySQLi
USE MYSQLI... you need the "i", mySQL is old and deprecated and should not be used if you are using a new enough version of PHP. 7+ Supports the ...

First of all, it's a good thing that you asked, only a few do care about handling errors.
Unfortunately, the way you choose is frowned upon, in both cases. Luckily, I've got a couple articles that cover your question in every possible detail:
a generalized one, PHP error reportig will show you the right approach for handling errors in general
a direct ...

The first thing that would benefit this code, beside removing the useless initialization for cost, is to save the models.OperatorCostAsia.objects.filter(country=country_code) queryset for reuse instead of rebuilding it each time. It feels easier to understand and filtering twice is identical to using two parameters in a single filter anyway:
def ...

By default you will have a numeric userId as well. Using the numeric userId rather than the username will probably perform better and reduce the size of the other tables. The userId will be a foreign key in 3 of the 4 tables and you need to consider the restraints that apply in each of the tables.
Naming a picture in the user's profile pictureurl could be ...

The code isn't unreasonable. There are ways to clean it up, though.
Functions
Organize your code into sub-routines - perhaps one to load categories from your spreadsheet, one to write information to your database, etc.
Magic numbers
Numbers like 26, 27, 19, etc. should be assigned to constants, to make the code easier to understand.
Ineffectual commit
...

I don't know anything about mysql, so I'm ignoring that part of your question.
For SQL Server, if you're trying to make an insert go faster you're going to want to:
Do it in bulk
Do it in parallel
Make it minimally logged
Do it in batches
There are some things you can do that will handle all of this for you, which I list below, otherwise you'll have to ...

Disclaimer: there will be a lot of links to my own site because I am helping people with PHP for 20+ years and got an obsession with writing articles about most common issues.
I don't know much about restful stuff or whether it does matter, but there are many other areas of improvement. Let's review some of them
The selectData() function
First of all, ...

Firstly I'd suggest following PEP8 and/or using an auto-formatter like black, but if it's just you working on it
that is a bit less of an issue than if other people were involved.
Suffice to say, most code follows that and it usually gets flagged first
thing (because it's so noticeable).
Reading the code, is that all there is, you are able to log in via a
...

You can decide between to structural design patterns:
Template Method Pattern
Strategy Pattern
I would go with the Template Method Pattern because you do not reuse the algorithm which is a benefit of the Strategy Pattern.
In the first step we need to create an abstract class which has all the common code and a invocation of an abstract method where the ...

You must never store passwords as plain text in the database. Read an article about password hashing to avoid this mistake in the future.
Make sure that you have a unique index on the username column. Otherwise it will be possible to create several users with the same username, and with equal or differing passwords.

You should really try to use a more modern approach to closeable resources. The try-with-resources statement has been introduced in Java 7 (2011).
This gets rid of all the hocus-pocus around closing and nested exceptions for you. Trivial rewrite of the first function:
public static boolean checkLogin(String username, String password) {
Connection ...

Funny coincidence, I just created the solution for your problem (but in PHP). The common thing here is the one-time use of a prepared statement, the difference is in the query string and arguments, so what you need is a function that accepts a query string, an argument determining what execution function to use (executeQuery() or executeUpdate()) and the ...